Decentralized Autonomous organizations (DAOs) have emerged as blockchain technology evolves beyond cryptocurrencies. Despite being the first project in this ecosystem, The DAO encountered a significant exploit due to inadequate implementation; nevertheless, it still paved the way for future projects. While decentralized autonomous organizations continue to thrive, there is a shortage of academic papers analyzing the associated risks. Therefore, this paper aims to comprehensively examine the current vulnerabilities in these organizations by systematically analyzing past attack incidents. 54 real-world events spanning from 2016 to July 2023 have been collected for identifying and summarizing major attack vectors. The results showcase that flash loan attacks, oracle manipulation, governance takeovers, and reentrancy issues are the critical vulnerabilities within this field. For further protection, this research also provides both general and specific countermeasures against each vulnerability, serving as an evaluation framework for both existing and future projects.